startup-starter/skybridge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

org

Browse Source
This commit is contained in:
Ryan Copley
2025-08-26 19:16:41 -04:00
parent 7ca61eb712
commit 6725529b01
113 changed files with 0 additions and 337 deletions
Download Patch File Download Diff File Expand all files Collapse all files

352
kms/internal/repository/interfaces.go Normal file
View File

@ -0,0 +1,352 @@
package repository
import (
"context"
"time"
"github.com/google/uuid"
"github.com/kms/api-key-service/internal/audit"
"github.com/kms/api-key-service/internal/domain"
)
// ApplicationRepository defines the interface for application data operations
type ApplicationRepository interface {
// Create creates a new application
Create(ctx context.Context, app *domain.Application) error
// GetByID retrieves an application by its ID
GetByID(ctx context.Context, appID string) (*domain.Application, error)
// List retrieves applications with pagination
List(ctx context.Context, limit, offset int) ([]*domain.Application, error)
// Update updates an existing application
Update(ctx context.Context, appID string, updates *domain.UpdateApplicationRequest) (*domain.Application, error)
// Delete deletes an application
Delete(ctx context.Context, appID string) error
// Exists checks if an application exists
Exists(ctx context.Context, appID string) (bool, error)
}
// StaticTokenRepository defines the interface for static token data operations
type StaticTokenRepository interface {
// Create creates a new static token
Create(ctx context.Context, token *domain.StaticToken) error
// GetByID retrieves a static token by its ID
GetByID(ctx context.Context, tokenID uuid.UUID) (*domain.StaticToken, error)
// GetByKeyHash retrieves a static token by its key hash
GetByKeyHash(ctx context.Context, keyHash string) (*domain.StaticToken, error)
// GetByAppID retrieves all static tokens for an application
GetByAppID(ctx context.Context, appID string) ([]*domain.StaticToken, error)
// List retrieves static tokens with pagination
List(ctx context.Context, limit, offset int) ([]*domain.StaticToken, error)
// Delete deletes a static token
Delete(ctx context.Context, tokenID uuid.UUID) error
// Exists checks if a static token exists
Exists(ctx context.Context, tokenID uuid.UUID) (bool, error)
}
// PermissionRepository defines the interface for permission data operations
type PermissionRepository interface {
// CreateAvailablePermission creates a new available permission
CreateAvailablePermission(ctx context.Context, permission *domain.AvailablePermission) error
// GetAvailablePermission retrieves an available permission by ID
GetAvailablePermission(ctx context.Context, permissionID uuid.UUID) (*domain.AvailablePermission, error)
// GetAvailablePermissionByScope retrieves an available permission by scope
GetAvailablePermissionByScope(ctx context.Context, scope string) (*domain.AvailablePermission, error)
// ListAvailablePermissions retrieves available permissions with pagination and filtering
ListAvailablePermissions(ctx context.Context, category string, includeSystem bool, limit, offset int) ([]*domain.AvailablePermission, error)
// UpdateAvailablePermission updates an available permission
UpdateAvailablePermission(ctx context.Context, permissionID uuid.UUID, permission *domain.AvailablePermission) error
// DeleteAvailablePermission deletes an available permission
DeleteAvailablePermission(ctx context.Context, permissionID uuid.UUID) error
// ValidatePermissionScopes checks if all given scopes exist and are valid
ValidatePermissionScopes(ctx context.Context, scopes []string) ([]string, error) // returns invalid scopes
// GetPermissionHierarchy returns all parent and child permissions for given scopes
GetPermissionHierarchy(ctx context.Context, scopes []string) ([]*domain.AvailablePermission, error)
}
// GrantedPermissionRepository defines the interface for granted permission operations
type GrantedPermissionRepository interface {
// GrantPermissions grants multiple permissions to a token
GrantPermissions(ctx context.Context, grants []*domain.GrantedPermission) error
// GetGrantedPermissions retrieves all granted permissions for a token
GetGrantedPermissions(ctx context.Context, tokenType domain.TokenType, tokenID uuid.UUID) ([]*domain.GrantedPermission, error)
// GetGrantedPermissionScopes retrieves only the scopes for a token (more efficient)
GetGrantedPermissionScopes(ctx context.Context, tokenType domain.TokenType, tokenID uuid.UUID) ([]string, error)
// RevokePermission revokes a specific permission from a token
RevokePermission(ctx context.Context, grantID uuid.UUID, revokedBy string) error
// RevokeAllPermissions revokes all permissions from a token
RevokeAllPermissions(ctx context.Context, tokenType domain.TokenType, tokenID uuid.UUID, revokedBy string) error
// HasPermission checks if a token has a specific permission
HasPermission(ctx context.Context, tokenType domain.TokenType, tokenID uuid.UUID, scope string) (bool, error)
// HasAnyPermission checks if a token has any of the specified permissions
HasAnyPermission(ctx context.Context, tokenType domain.TokenType, tokenID uuid.UUID, scopes []string) (map[string]bool, error)
}
// SessionRepository defines the interface for user session data operations
type SessionRepository interface {
// Create creates a new user session
Create(ctx context.Context, session *domain.UserSession) error
// GetByID retrieves a session by its ID
GetByID(ctx context.Context, sessionID uuid.UUID) (*domain.UserSession, error)
// GetByUserID retrieves all sessions for a user
GetByUserID(ctx context.Context, userID string) ([]*domain.UserSession, error)
// GetByUserAndApp retrieves sessions for a specific user and application
GetByUserAndApp(ctx context.Context, userID, appID string) ([]*domain.UserSession, error)
// GetActiveByUserID retrieves all active sessions for a user
GetActiveByUserID(ctx context.Context, userID string) ([]*domain.UserSession, error)
// List retrieves sessions with filtering and pagination
List(ctx context.Context, req *domain.SessionListRequest) (*domain.SessionListResponse, error)
// Update updates an existing session
Update(ctx context.Context, sessionID uuid.UUID, updates *domain.UpdateSessionRequest) error
// UpdateActivity updates the last activity timestamp for a session
UpdateActivity(ctx context.Context, sessionID uuid.UUID) error
// Revoke revokes a session
Revoke(ctx context.Context, sessionID uuid.UUID, revokedBy string) error
// RevokeAllByUser revokes all sessions for a user
RevokeAllByUser(ctx context.Context, userID string, revokedBy string) error
// RevokeAllByUserAndApp revokes all sessions for a user and application
RevokeAllByUserAndApp(ctx context.Context, userID, appID string, revokedBy string) error
// ExpireOldSessions marks expired sessions as expired
ExpireOldSessions(ctx context.Context) (int, error)
// DeleteExpiredSessions removes expired sessions older than the specified duration
DeleteExpiredSessions(ctx context.Context, olderThan time.Duration) (int, error)
// Exists checks if a session exists
Exists(ctx context.Context, sessionID uuid.UUID) (bool, error)
// GetSessionCount returns the total number of sessions for a user
GetSessionCount(ctx context.Context, userID string) (int, error)
// GetActiveSessionCount returns the number of active sessions for a user
GetActiveSessionCount(ctx context.Context, userID string) (int, error)
}
// DatabaseProvider defines the interface for database operations
type DatabaseProvider interface {
// GetDB returns the underlying database connection
GetDB() interface{}
// Ping checks the database connection
Ping(ctx context.Context) error
// Close closes all database connections
Close() error
// BeginTx starts a database transaction
BeginTx(ctx context.Context) (TransactionProvider, error)
}
// TransactionProvider defines the interface for database transaction operations
type TransactionProvider interface {
// Commit commits the transaction
Commit() error
// Rollback rolls back the transaction
Rollback() error
// GetTx returns the underlying transaction
GetTx() interface{}
}
// CacheProvider defines the interface for caching operations
type CacheProvider interface {
// Get retrieves a value from cache
Get(ctx context.Context, key string) ([]byte, error)
// Set stores a value in cache with expiration
Set(ctx context.Context, key string, value []byte, expiration time.Duration) error
// Delete removes a value from cache
Delete(ctx context.Context, key string) error
// Exists checks if a key exists in cache
Exists(ctx context.Context, key string) (bool, error)
// Flush clears all cache entries
Flush(ctx context.Context) error
// Close closes the cache connection
Close() error
}
// TokenProvider defines the interface for token operations
type TokenProvider interface {
// GenerateUserToken generates a JWT token for user authentication
GenerateUserToken(ctx context.Context, userToken *domain.UserToken, hmacKey string) (string, error)
// ValidateUserToken validates and parses a JWT token
ValidateUserToken(ctx context.Context, token string, hmacKey string) (*domain.UserToken, error)
// GenerateStaticToken generates a static API key
GenerateStaticToken(ctx context.Context) (string, error)
// HashStaticToken creates a secure hash of a static token
HashStaticToken(ctx context.Context, token string) (string, error)
// ValidateStaticToken validates a static token against its hash
ValidateStaticToken(ctx context.Context, token, hash string) (bool, error)
// RenewUserToken renews a user token while preserving max validity
RenewUserToken(ctx context.Context, currentToken *domain.UserToken, renewalDuration time.Duration, hmacKey string) (string, error)
}
// HashProvider defines the interface for cryptographic hashing operations
type HashProvider interface {
// Hash creates a secure hash of the input
Hash(ctx context.Context, input string) (string, error)
// Compare compares an input against a hash
Compare(ctx context.Context, input, hash string) (bool, error)
// GenerateKey generates a secure random key
GenerateKey(ctx context.Context, length int) (string, error)
}
// LoggerProvider defines the interface for logging operations
type LoggerProvider interface {
// Info logs an info level message
Info(ctx context.Context, msg string, fields ...interface{})
// Warn logs a warning level message
Warn(ctx context.Context, msg string, fields ...interface{})
// Error logs an error level message
Error(ctx context.Context, msg string, err error, fields ...interface{})
// Debug logs a debug level message
Debug(ctx context.Context, msg string, fields ...interface{})
// With returns a logger with additional fields
With(fields ...interface{}) LoggerProvider
}
// ConfigProvider defines the interface for configuration operations
type ConfigProvider interface {
// GetString retrieves a string configuration value
GetString(key string) string
// GetInt retrieves an integer configuration value
GetInt(key string) int
// GetBool retrieves a boolean configuration value
GetBool(key string) bool
// GetDuration retrieves a duration configuration value
GetDuration(key string) time.Duration
// GetStringSlice retrieves a string slice configuration value
GetStringSlice(key string) []string
// IsSet checks if a configuration key is set
IsSet(key string) bool
// Validate validates all required configuration values
Validate() error
}
// AuthenticationProvider defines the interface for user authentication
type AuthenticationProvider interface {
// GetUserID extracts the user ID from the request context/headers
GetUserID(ctx context.Context) (string, error)
// ValidateUser validates if the user is authentic
ValidateUser(ctx context.Context, userID string) error
// GetUserClaims retrieves additional user information/claims
GetUserClaims(ctx context.Context, userID string) (map[string]string, error)
// Name returns the provider name for identification
Name() string
}
// RateLimitProvider defines the interface for rate limiting operations
type RateLimitProvider interface {
// Allow checks if a request should be allowed for the given identifier
Allow(ctx context.Context, identifier string) (bool, error)
// Remaining returns the number of remaining requests for the identifier
Remaining(ctx context.Context, identifier string) (int, error)
// Reset returns when the rate limit will reset for the identifier
Reset(ctx context.Context, identifier string) (time.Time, error)
}
// MetricsProvider defines the interface for metrics collection
type MetricsProvider interface {
// IncrementCounter increments a counter metric
IncrementCounter(ctx context.Context, name string, labels map[string]string)
// RecordHistogram records a value in a histogram
RecordHistogram(ctx context.Context, name string, value float64, labels map[string]string)
// SetGauge sets a gauge metric value
SetGauge(ctx context.Context, name string, value float64, labels map[string]string)
// RecordDuration records the duration of an operation
RecordDuration(ctx context.Context, name string, duration time.Duration, labels map[string]string)
}
// AuditRepository defines the interface for audit event storage operations
type AuditRepository interface {
// Create stores a new audit event
Create(ctx context.Context, event *audit.AuditEvent) error
// Query retrieves audit events based on filter criteria
Query(ctx context.Context, filter *audit.AuditFilter) ([]*audit.AuditEvent, error)
// GetStats returns aggregated statistics for audit events
GetStats(ctx context.Context, filter *audit.AuditStatsFilter) (*audit.AuditStats, error)
// DeleteOldEvents removes audit events older than the specified time
DeleteOldEvents(ctx context.Context, olderThan time.Time) (int, error)
// GetByID retrieves a specific audit event by its ID
GetByID(ctx context.Context, eventID uuid.UUID) (*audit.AuditEvent, error)
// GetByRequestID retrieves all audit events for a specific request
GetByRequestID(ctx context.Context, requestID string) ([]*audit.AuditEvent, error)
// GetBySession retrieves all audit events for a specific session
GetBySession(ctx context.Context, sessionID string) ([]*audit.AuditEvent, error)
// GetByActor retrieves audit events for a specific actor
GetByActor(ctx context.Context, actorID string, limit, offset int) ([]*audit.AuditEvent, error)
// GetByResource retrieves audit events for a specific resource
GetByResource(ctx context.Context, resourceType, resourceID string, limit, offset int) ([]*audit.AuditEvent, error)
}